From dae60e784d2a2edd96b5f3e4ac8d39911b305178 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 14 Apr 2020 05:36:30 +0000 Subject: fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JQUERY-565129 --- package.json | 2 +- yarn.lock | 26 +++++--------------------- 2 files changed, 6 insertions(+), 22 deletions(-) diff --git a/package.json b/package.json index 7f78d14f..d5805cc4 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,7 @@ "i18n": "^0.8.3", "imgur": "git+https://github.com/hackmdio/node-imgur.git", "ionicons": "~2.0.1", - "jquery": "^3.4.1", + "jquery": "^3.5.0", "jquery-mousewheel": "^3.1.13", "jquery-ui": "^1.12.1", "js-cookie": "^2.1.3", diff --git a/yarn.lock b/yarn.lock index 4eed293d..cb59bb77 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5463,10 +5463,10 @@ jquery-ui@^1.12.1: resolved "https://registry.yarnpkg.com/jquery-ui/-/jquery-ui-1.12.1.tgz#bcb4045c8dd0539c134bc1488cdd3e768a7a9e51" integrity sha1-vLQEXI3QU5wTS8FIjN0+dop6nlE= -jquery@^3.4.1: - version "3.4.1" - resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.4.1.tgz#714f1f8d9dde4bdfa55764ba37ef214630d80ef2" - integrity sha512-36+AdBzCL+y6qjw5Tx7HgzeGCzC81MDDgaUP8ld2zhx58HdqXGoBd+tHdrBMiyjGQs0Hxs/MLZTu/eHNJJuWPw== +jquery@^3.5.0: + version "3.5.0" + resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.5.0.tgz#9980b97d9e4194611c36530e7dc46a58d7340fc9" + integrity sha512-Xb7SVYMvygPxbFMpTFQiHh1J7HClEaThguL15N/Gg37Lri/qKyhRGZYzHRyLH8Stq3Aow0LsHO2O2ci86fCrNQ== js-beautify@^1.8.8: version "1.10.3" @@ -6793,22 +6793,6 @@ node-libs-browser@^2.2.1: util "^0.11.0" vm-browserify "^1.0.1" -node-pre-gyp@*: - version "0.14.0" - resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.14.0.tgz#9a0596533b877289bcad4e143982ca3d904ddc83" - integrity sha512-+CvDC7ZttU/sSt9rFjix/P05iS43qHCOOGzcr3Ry99bXG7VX953+vFyEuph/tfqoYu8dttBkE86JSKBO2OzcxA== - dependencies: - detect-libc "^1.0.2" - mkdirp "^0.5.1" - needle "^2.2.1" - nopt "^4.0.1" - npm-packlist "^1.1.6" - npmlog "^4.0.2" - rc "^1.2.7" - rimraf "^2.6.1" - semver "^5.3.0" - tar "^4.4.2" - node-pre-gyp@^0.11.0: version "0.11.0" resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.11.0.tgz#db1f33215272f692cd38f03238e3e9b47c5dd054" @@ -9612,7 +9596,7 @@ tar-stream@^1.5.0: to-buffer "^1.1.1" xtend "^4.0.0" -tar@^4, tar@^4.4.2: +tar@^4: version "4.4.13" resolved "https://registry.yarnpkg.com/tar/-/tar-4.4.13.tgz#43b364bc52888d555298637b10d60790254ab525" integrity sha512-w2VwSrBoHa5BsSyH+KxEqeQBAllHhccyMFVHtGtdMpF4W7IRWfZjFiQceJPChOeTsSDVUpER2T8FA93pr0L+QA== -- cgit v1.2.3